Cyber Service Senior Associate
PwC is driving major change across information and cyber security by building a centralized model to provide security services across the entire member firm network.
Mandated at the network level, Network Information Security (NIS) operates outside Information Technology (IT) and is responsible for this major program initiative, from definition of the security strategy to execution of the global Cyber Readiness Program, moving from local to global services.
Our mission is to identify, control and reduce the attack surface across the member firm network while increasing our adversaries’ cost of attack.
In order to deliver the Cyber Readiness Program the NIS team is structured into the following Pillars:
Information Security Risk and Compliance (ISRC)
Chief Information Security Officer (CISO)
Security Architecture, Engineering, Innovation and Transformation (SAEIT)
Cyber Security Services
Strategy and Alliances
Chief of Staff
NIS are building the first global cyber security function at PwC. Our mission protects 223,000 PwC members across 157 member firms worldwide as well as our global clients.
The Cyber pillar within NIS is responsible for the following services:
Cyber Service Transition
Cyber Service Management
Cyber Threat Management
Identity and Access Management
If you love security technology this is the place to be. Within Cyber we work closely with SAEIT to deliver implemented technology into our central service environment, taking care in integrating solutions and driving operational excellence to deliver the maximum value to our customer, the PwC network of firms. From here the focus is on the utilisation of enterprise security products in order to proactively gather cyber threat intelligence, hunt potential malicious actors across our network, conduct forensics analysis, and provide rapid response to potential cyber security incidents.
Scope of Responsibility:
The Service Management team focuses on operational excellence in the delivery of Information Security services to internal customers with the primary responsibility of developing and delivering service management strategies, integration and onboarding of new customers and reporting of the overall health and continual improvement of the service.
Engage engineering team to understand emerging security technology roadmap;
Engage customer stakeholders (member firm Chief Information Security Officers (CISOs)) who will consume newly operational security technology services in order to understand and define the optimum service state;
Illustrate and deliver continuous improvement across the service/services under management;
Prioritise service integration of new security technologies in line with customer demand;
Planning and delivery of strategies to support the NIS service catalogue, creating and sustaining customer value; and
Act as trusted advisors to leadership and territories, pertaining to the transition of centralised security services from design and implementation (SAIET) into run operations (Cyber).
Strategic and Technical Orientation / Job Content:
Experience transitioning, maintaining, or using Security Technologies such as Security Incident and Event Management (SIEM), Endpoint protection, Data Loss Prevention, Forensic tools;
Understanding of security technology operational industry standards;
Experience contributing to a central technology service organization;
Navigating a matrix organization; and
Experience collaborating with multiple stakeholders across functional and technical skillsets.
Range of Impact:
A 2E employee possesses deep knowledge in a specific subject matter area or technical domain within Service Management that is applied to solve business problems and deliver necessary results.
The employee incorporates existing Firm knowledge, subject matter, or technical domain expertise into work activities.
2E staff often resolve challenging problems in collaboration with others and take initiative when appropriate to make independent choices on matters of significance, and influence others within Cyber Service Management.
Working within cross-functional teams and sub-teams, completing projects and tasks on-time and as promised.
Demonstrates proven skills and thorough comprehension in functional areas of Service Management both as an individual contributor and team member.
Monitor workloads within the team to deliver against the requirements within Service Management while making sure leadership are informed of progress and issues.
Embracing Service Management concepts and principles, including facilitation, diplomacy, negotiation with and influence of others, creativity, and organization, strategy, business performance, project and change management;
Developing service delivery strategies for new security technologies, implementation requirements, and integration into a larger service portfolio contributing to the decision-making process for the broader scope of a security or IT organization.
Instill industry standard service management techniques such as ITIL, PMI or LEAN in order to best integrate built security technologies into a central service environment and effectively manage the services in an operational environment...
Drive operational excellence of implemented security technologies, this could be in the form of cost savings across the services, performance to SLAs, compliance with relevant industry standards etc.
Reduce time to utilise new services
Minimise impact of new security technologies and services on the business
Identify, capture and document service management processes
Measurement of continual improvement activities through LEAN methodologies
An effective Cyber Service Management candidate will also possess the following skills:
Collaborating with cross functional teams to develop enterprise security services consistent with the current NIS security strategy
Contributing to new security services, capabilities and methodologies to protect the firm’s information assets;
Leveraging facts and data in approaching problems, considering both the customer's perspective and the enterprise's perspective while focusing on overarching goals and objectives;
Exhibiting capabilities to multitask, performing and delivering results as both part of a team and independently;
Writing, communicating, facilitating, and presenting cogently to and/or for all levels of industry audiences, clients and internal staff and management on technical concepts and issues, including translating technical security verbiage to non-technical verbiage to various business leaders;
Demonstrating relationship and team building skills that foster an inclusive and collaborative environment for stakeholders and team members; and,
Collaborating with an extensive security staff, including direct reports, matrix reports, and contractors to create an atmosphere of trust, seeking diverse views to encourage improvement and innovation, answering questions and providing direction to less-experienced staff, coaching staff including providing and accepting timely meaningful written and verbal feedback
Adapting to ever-changing environments and schedules, including the ability and willingness to work extended hours and conduct business travel domestically and/or globally